Journal ArticleOPEN ACCESS

Evaluation the Information Security Management System: A Path Towards ISO 27001 Certification

  • Jevelin J
  • Faza A
Journal of Information Systems and Informatics (2023) 5(4) 1240-1256
DOI: 10.51519/journalisi.v5i4.572
N/ACitations
Citations of this article
87Readers
Mendeley users who have this article in their library.

Abstract

This study addresses the urgent need for robust data security by evaluating the Information Security Management System (ISMS) of a private contractor poised for ISO 27001 certification. It introduces the context of pervasive data breaches that necessitate stringent security measures. Employing a mixed-methods approach, the research method combines the KAMI index for quantitative maturity assessment with qualitative insights from staff interviews and literature reviews. The results reveal the contractor's ISMS maturity at levels I+ to II, indicating a shortfall in meeting the ISO 27001 benchmark. The discussion highlights the efficacy of the PDCA cycle in ISMS implementation, but also underscores the imperative for enhancements to fulfill certification requirements.

Cite

CITATION STYLE

APA

Jevelin, J., & Faza, A. (2023). Evaluation the Information Security Management System: A Path Towards ISO 27001 Certification. Journal of Information Systems and Informatics, 5(4), 1240–1256. https://doi.org/10.51519/journalisi.v5i4.572

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free